Security

116
Total Pages
38
Linux-Friendly Pages
78
Pages with Bias
67.2%
Bias Rate

Bias Trend Over Time

Pages with Bias Issues

380 issues found
Showing 101-125 of 380 flagged pages
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/subdomain-takeover.md ...n/articles/security/fundamentals/subdomain-takeover.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Powershell Heavy Windows First Missing Linux Example
Summary
The documentation page demonstrates a Windows bias primarily through exclusive use of PowerShell tooling and examples (e.g., Get-DanglingDnsRecords.ps1), references to running scripts without mention of Linux-compatible alternatives, and a lack of guidance for Linux users. The only script and automation examples are PowerShell-based, and there are no Bash, CLI, or cross-platform instructions. The documentation assumes the reader is using Windows or PowerShell, and does not provide parity for Linux environments.
Recommendations
  • Provide equivalent Bash or Azure CLI examples for identifying and remediating dangling DNS entries, alongside PowerShell.
  • Explicitly mention cross-platform compatibility for scripts and tools, or provide platform-specific instructions.
  • Reference and link to Linux-friendly tools or scripts (e.g., Python, Bash) for DNS record discovery and automation.
  • Include guidance for running Azure Resource Graph queries using Azure CLI or REST API, not just PowerShell.
  • Add a section or callout for Linux users, clarifying how to adapt the instructions and scripts for non-Windows environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/secure-design.md ...s/blob/main/articles/security/develop/secure-design.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation page exhibits a Windows bias primarily through its references to Microsoft-centric tools, services, and patterns. Examples and links often point to Windows or Microsoft-specific technologies (e.g., PowerShell, Entra ID, .NET, Azure Key Vault) without mentioning or providing Linux or open-source equivalents. Windows/PowerShell interfaces are referenced before alternatives, and there is a lack of explicit Linux-focused guidance or examples.
Recommendations
  • Include Linux-specific examples and guidance for Azure management (e.g., using Azure CLI, Bash, or Linux-based automation tools alongside PowerShell).
  • Mention and link to open-source or cross-platform alternatives where possible (e.g., alternatives to Microsoft Entra ID, .NET, or Key Vault for non-Windows environments).
  • Provide parity in documentation by listing Linux tools and workflows before or alongside Windows/PowerShell options.
  • Highlight how Azure services and security practices can be implemented on Linux-based workloads, including containerized and open-source stacks.
  • Add references to Linux security best practices and how they integrate with Azure (e.g., SELinux, AppArmor, Linux file permissions, Linux-based logging and monitoring tools).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-auditing-and-logging.md ...y/develop/threat-modeling-tool-auditing-and-logging.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation demonstrates a Windows bias by referencing Windows-specific tools (e.g., Windows ACLs, SQL Server, WCF/.NET Framework) and providing configuration examples only for Windows technologies (WCF). There is a lack of Linux-specific examples, such as using Linux file permissions, log rotation tools (e.g., logrotate), or Linux-based database auditing. Windows terminology and tools are mentioned exclusively or before any cross-platform alternatives.
Recommendations
  • Add Linux-specific examples for log file access control (e.g., using chmod, chown, setfacl on log files).
  • Include log rotation examples using Linux tools such as logrotate, and mention separation of logs via Linux partitions.
  • Provide auditing and logging configuration examples for popular Linux-based web servers (e.g., Apache, Nginx) and databases (e.g., MySQL, PostgreSQL).
  • When discussing database auditing, mention equivalent features and configuration steps for Linux-based databases.
  • Balance references to Windows technologies (e.g., WCF, SQL Server) with Linux/open-source alternatives (e.g., REST APIs, Flask/Django logging, syslog).
  • Explicitly state cross-platform considerations and provide parity in recommendations for both Windows and Linux environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-authentication.md ...ecurity/develop/threat-modeling-tool-authentication.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example Powershell Heavy
Summary
The documentation demonstrates a Windows bias in several areas: Windows Authentication and Windows-based tools are recommended or mentioned first for SQL Server and WCF scenarios, with little to no mention of Linux or cross-platform alternatives. Examples and references are heavily oriented toward Windows-centric technologies (e.g., MSMQ, Windows Authentication, Windows Server certificate services), and there is a lack of Linux-specific guidance or parity in authentication scenarios. No Linux command-line or configuration examples are provided, and the documentation assumes a Windows environment for several security recommendations.
Recommendations
  • Provide Linux/Unix authentication alternatives and examples alongside Windows ones, such as Kerberos or certificate-based authentication using OpenSSL.
  • When recommending Windows Authentication, also mention and link to equivalent Linux authentication mechanisms (e.g., GSSAPI, PAM, LDAP, Kerberos) for SQL Server on Linux.
  • For certificate management, include instructions and examples for generating and managing certificates using OpenSSL or Linux-based CA tools, not just Windows Server certificate services.
  • In WCF and MSMQ sections, clarify cross-platform support and suggest alternatives for Linux environments (e.g., using AMQP, RabbitMQ, or other message queues with authentication).
  • Ensure that all code/configuration examples are available for both Windows and Linux environments where possible, or clearly indicate platform limitations.
  • Review references and external links to include Linux and open-source resources, not just Microsoft/Windows documentation.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-authorization.md ...security/develop/threat-modeling-tool-authorization.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page demonstrates a bias towards Windows environments and Microsoft technologies. Examples and configuration snippets are almost exclusively for .NET, WCF, and ASP.NET, with references to Windows roles, Windows groups, and Microsoft-specific identity providers (ADFS, Entra ID). There are no Linux-specific examples, nor are Linux tools, patterns, or equivalents mentioned. Windows-centric terminology (e.g., 'Builtin\Administrators', 'machine.config', 'app.config') is used without cross-platform alternatives or parity guidance.
Recommendations
  • Include Linux-specific examples for authorization, such as using POSIX ACLs, sudoers configuration, or systemd service permissions.
  • Mention Linux equivalents for user privilege management, e.g., use of /etc/passwd, /etc/group, and PAM modules.
  • Provide cross-platform code/configuration samples, such as showing both Windows and Linux ways to restrict access to files, directories, and services.
  • Reference identity providers and authentication mechanisms common in Linux environments (e.g., LDAP, Kerberos, OAuth2 providers like Keycloak).
  • When discussing RBAC, include Azure CLI and PowerShell examples alongside Bash and Linux command-line tools.
  • Clarify when recommendations are generic and when they are Windows-specific, and offer Linux alternatives where applicable.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-communication-security.md ...develop/threat-modeling-tool-communication-security.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation page demonstrates a Windows bias by prioritizing Windows-specific technologies and examples (e.g., ASP.NET, WCF, SQL Server Management Studio, ServicePointManager, web.config/URL Rewrite), referencing Windows tools and patterns (e.g., Data Management Gateway, SMB 3.x with Windows clients), and omitting Linux or cross-platform equivalents in code samples and configuration guidance. Most code and configuration examples are .NET/C#, with no mention of Linux command-line, OpenSSL, NGINX/Apache, or other non-Windows approaches. Windows terminology and references (e.g., 'Windows Azure', 'Windows Phone', 'SQL Server Management Studio', 'web.config') are used throughout, and Linux alternatives are not provided or discussed.
Recommendations
  • Add Linux-specific examples for configuring HTTPS, certificate validation, and HSTS (e.g., using NGINX, Apache, OpenSSL).
  • Include cross-platform code samples (e.g., Python, Java, Node.js) for certificate pinning and HTTPS enforcement.
  • Reference Linux tools and patterns (e.g., systemd service accounts, Linux SMB clients, Linux SQL clients) alongside Windows ones.
  • Provide parity in configuration instructions (e.g., show how to enforce HTTPS using NGINX/Apache config, not just web.config/URL Rewrite).
  • Mention and link to documentation for Linux equivalents (e.g., Azure Files SMB support for Linux, SQL Server connection encryption from Linux clients).
  • Avoid using Windows terminology exclusively (e.g., 'Windows Azure', 'Windows Phone') and clarify cross-platform applicability.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-cryptography.md .../security/develop/threat-modeling-tool-cryptography.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation demonstrates a clear Windows bias by prioritizing Windows technologies, APIs, and tools (e.g., CNG, CAPI, Win32/64, .NET, BitLocker, TPM on Windows IoT Core, SQL Server features) throughout the cryptography guidance. Windows-specific solutions are described in detail, often with code examples, while Linux or cross-platform equivalents are rarely mentioned or omitted entirely. Where alternatives are listed (e.g., random number generators), Windows APIs are listed first and with more detail. There are no Linux command-line or open-source tool examples, and Linux-specific cryptographic practices (e.g., use of OpenSSL, dm-crypt, LUKS, GnuPG, Linux TPM stack) are missing.
Recommendations
  • Include Linux-specific examples and references for cryptographic operations, such as OpenSSL, GnuPG, dm-crypt/LUKS for disk encryption, and Linux TPM tools.
  • Provide parity in code samples, showing both Windows (.NET, CNG, PowerShell) and Linux (Python, C, Bash/OpenSSL) implementations for key generation, encryption, and random number generation.
  • Mention and link to Linux equivalents for features like BitLocker (e.g., LUKS/dm-crypt), TPM support (Linux tpm2-tools), and database encryption (PostgreSQL TDE, MySQL encryption).
  • List cross-platform APIs and libraries (e.g., OpenSSL, libsodium, BouncyCastle) alongside Windows-specific ones.
  • Avoid listing Windows APIs/tools first by default; alternate or group by platform.
  • Add guidance for Linux/Unix administrators and developers, including relevant security policies and configuration steps.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-exception-management.md ...y/develop/threat-modeling-tool-exception-management.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation page demonstrates a strong Windows bias by focusing exclusively on Windows-centric technologies (WCF, ASP.NET, IIS), configuration files (web.config, machine.config), and references to Windows tools and settings. All code and configuration examples are for .NET and Windows environments, with no mention of Linux equivalents (e.g., Apache, Nginx, Mono, .NET Core on Linux). Steps and mitigations reference IIS and Windows deployment methods, omitting Linux deployment scenarios and tools.
Recommendations
  • Include equivalent examples for Linux environments, such as exception handling in .NET Core running on Linux, or in other cross-platform frameworks.
  • Mention Linux web servers (e.g., Apache, Nginx) and how to configure error handling and deployment securely in those environments.
  • Provide configuration file examples for Linux (e.g., appsettings.json for .NET Core, or configuration for other frameworks).
  • Reference Linux deployment tools and patterns (systemd, Docker, etc.) alongside IIS and Windows-specific instructions.
  • Clarify which recommendations are cross-platform and which are Windows-specific, and provide parity where possible.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-input-validation.md ...urity/develop/threat-modeling-tool-input-validation.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation exhibits a strong Windows bias: examples and configuration snippets are almost exclusively for Windows/.NET technologies (e.g., IIS, web.config, MSXML, .NET Framework, ASP.NET MVC, WCF). Windows-specific tools and APIs are referenced first or solely (e.g., http.sys, MSXML, IIS, SqlClient, web.config). There are no Linux/Unix or cross-platform code/configuration examples, and alternative approaches for non-Windows environments are generally omitted or relegated to brief mentions (e.g., NSXMLParser for OSX/iOS is referenced but not exemplified).
Recommendations
  • Provide equivalent examples for Linux/Unix environments (e.g., Apache/Nginx configuration for HTTP headers, Python/Java/Node.js code for input validation).
  • Include cross-platform or open-source libraries and tools (e.g., libxml2, OWASP ESAPI, Python's lxml, Java's javax.xml, etc.) in code samples and mitigation strategies.
  • Reference Linux/Unix server configuration files (e.g., .htaccess, nginx.conf) alongside web.config/IIS examples.
  • Offer guidance for non-.NET stacks (e.g., Django, Flask, Express.js, Spring) in relevant sections.
  • Explicitly mention and demonstrate how mitigations apply in Linux or containerized environments (e.g., Docker, Kubernetes).
  • Balance references to Windows-specific APIs/tools with alternatives for other platforms, and avoid presenting Windows solutions first unless they are the only supported option.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-configuration-management.md ...velop/threat-modeling-tool-configuration-management.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools Powershell Heavy
Summary
The documentation is heavily focused on Windows and Microsoft technologies, with configuration examples and mitigation steps almost exclusively referencing Windows-centric tools (e.g., IIS web.config, BitLocker, Windows Firewall, ASP.NET, WCF). There is a notable absence of Linux or cross-platform equivalents, and Windows solutions are presented as the default or only option. No Linux-specific configuration, tooling, or code samples are provided, even for generic security concepts.
Recommendations
  • Add equivalent Linux/Unix examples for configuration management tasks (e.g., setting HTTP headers via Apache/Nginx, configuring firewalls with iptables or firewalld).
  • Include references to Linux-native disk encryption tools (e.g., LUKS, dm-crypt) alongside BitLocker.
  • Provide cross-platform code samples for generic web security headers (e.g., CSP, X-Frame-Options) using popular Linux web servers.
  • Mention Linux IoT distributions and their security features (e.g., Ubuntu Core, Yocto, SELinux, AppArmor) when discussing IoT device security.
  • Reference open-source alternatives to Windows-specific technologies (e.g., .NET Core on Linux, alternatives to WCF, Key management using HashiCorp Vault or GnuPG).
  • Ensure that mitigation steps and recommendations are not exclusively tied to Windows environments, and clarify when a solution is platform-specific.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-releases-71607021.md ...rity/develop/threat-modeling-tool-releases-71607021.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation page exclusively references Windows as the supported operating system for the Microsoft Threat Modeling Tool, with no mention of Linux or macOS support or equivalents. All system requirements and download instructions are Windows-centric, and there are no examples or guidance for Linux users. This demonstrates a clear Windows bias, both in tool availability and documentation focus.
Recommendations
  • Explicitly state platform support, including whether Linux or macOS are supported or not.
  • If Linux/macOS versions are unavailable, suggest alternative threat modeling tools for those platforms.
  • Provide guidance for running the tool on Linux (e.g., via Wine or virtualization) if possible.
  • Include cross-platform documentation sections or examples where relevant.
  • Engage with the open-source community to explore cross-platform support or contributions.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-sensitive-data.md ...ecurity/develop/threat-modeling-tool-sensitive-data.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example Powershell Heavy
Summary
The documentation exhibits Windows bias by referencing Windows-specific technologies and tools (e.g., EFS, DPAPI, BitLocker, Windows Intune, Windows credential types) without providing equivalent Linux examples or alternatives. Windows tools and patterns are mentioned exclusively or before Linux equivalents, and code/configuration samples are almost entirely Windows/.NET-centric, with no Linux shell, configuration, or tool examples. Linux technologies (e.g., dm-crypt) are only briefly mentioned and not explained or exemplified.
Recommendations
  • For every Windows-specific tool or technology (e.g., EFS, DPAPI, BitLocker), add Linux equivalents (e.g., eCryptfs, LUKS/dm-crypt, GnuPG, pass) and provide usage examples.
  • Include Linux-focused code/configuration samples alongside .NET/Windows samples, such as shell scripts, config file snippets, or references to Linux security modules.
  • When discussing encryption for file systems or disks, detail both Windows and Linux approaches equally, including setup and management steps for dm-crypt/LUKS.
  • Expand references and links to include Linux documentation and open-source alternatives, not just Microsoft/Windows resources.
  • For mobile device management, mention Android Enterprise and Linux-based device management solutions in addition to Windows Intune.
  • Where authentication or credential management is discussed, include Linux PAM, keyring, or other Linux-native mechanisms.
  • Ensure that generic recommendations (e.g., obfuscation, encryption) are illustrated with cross-platform tools and examples, not just .NET/Windows-centric ones.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/antimalware-code-samples.md ...cles/security/fundamentals/antimalware-code-samples.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Missing Linux Example Windows First
Summary
The documentation exclusively provides PowerShell code samples and references to Windows-centric tools and file paths (e.g., C:\), with no mention of Linux equivalents or cross-platform alternatives. All examples assume a Windows environment and do not address how to enable or configure Microsoft Antimalware on Linux-based Azure VMs or environments. The documentation also references Windows-specific configuration formats (XML with Windows paths/processes) and does not offer parity for Linux users.
Recommendations
  • Add Bash/CLI examples for deploying and configuring Antimalware on Linux-based Azure VMs.
  • Clarify whether Microsoft Antimalware is supported on Linux, and if not, suggest equivalent solutions (e.g., Microsoft Defender for Endpoint for Linux).
  • Include instructions for using Azure CLI and ARM templates in a cross-platform manner, not just via PowerShell.
  • Provide configuration examples that use Linux file paths and processes, or note differences in exclusion syntax for Linux.
  • Explicitly state platform limitations and direct Linux users to relevant documentation or tools.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-releases-71604081.md ...rity/develop/threat-modeling-tool-releases-71604081.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation exclusively references Windows as the supported operating system for the Microsoft Threat Modeling Tool, with no mention of Linux or cross-platform compatibility. System requirements specify Windows 10 and .NET Framework, both Windows-centric technologies. There are no Linux installation instructions, examples, or alternatives provided.
Recommendations
  • Explicitly state whether Linux is supported or not. If not, consider providing rationale or future plans for Linux support.
  • If Linux is supported, add installation instructions and system requirements for Linux distributions.
  • Include examples or screenshots for Linux environments if applicable.
  • Mention any cross-platform alternatives or workarounds for Linux users (e.g., running via Wine, using a web version, etc.).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-releases-71610151.md ...rity/develop/threat-modeling-tool-releases-71610151.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation for the Microsoft Threat Modeling Tool is heavily Windows-centric. Only Windows 10 is listed as a supported operating system, with no mention of Linux or macOS compatibility. The system requirements specify .NET Framework (Windows-only), and there are no examples, instructions, or troubleshooting steps for Linux users. The documentation implicitly assumes a Windows environment throughout.
Recommendations
  • Clearly state platform limitations and, if possible, provide information about Linux/macOS support or alternatives.
  • If the tool is Windows-only, suggest cross-platform alternatives or provide guidance for running the tool on Linux (e.g., via Wine or virtual machines).
  • Include troubleshooting steps or FAQs for non-Windows users, or explicitly mention lack of support.
  • Ensure future documentation includes parity for Linux and macOS where applicable, such as installation instructions, system requirements, and usage examples.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/develop/threat-modeling-tool-session-management.md ...ity/develop/threat-modeling-tool-session-management.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation is heavily oriented toward Windows and Microsoft technologies, with all code examples and configuration snippets using ASP.NET, C#, XML web.config, and references to ADFS, MSAL, and Windows Identity Foundation. Powershell is used for administrative tasks, and there are no examples or guidance for Linux-based stacks, cross-platform frameworks, or open-source alternatives. Linux tools, patterns, and configuration files are not mentioned or provided.
Recommendations
  • Provide equivalent examples for Linux-based web frameworks (e.g., Django, Flask, Node.js/Express, Java/Spring) for session management, CSRF mitigation, and secure cookie configuration.
  • Include configuration snippets for popular Linux web servers (e.g., Nginx, Apache) showing how to enforce secure cookies and session timeouts.
  • Offer guidance for logout and session termination in cross-platform identity providers (e.g., Keycloak, Auth0) and frameworks.
  • Replace or supplement Powershell commands with bash/shell equivalents or REST API calls where possible.
  • Reference open standards and cross-platform libraries for anti-forgery tokens and authentication, not just ASP.NET-specific solutions.
  • Add links to Linux documentation and community resources for session management and security best practices.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/azure-marketplace-images.md ...cles/security/fundamentals/azure-marketplace-images.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page presents security recommendations for both Linux and Windows images. However, there is evidence of Windows bias: Windows terminology (e.g., 'Windows Server roles') appears in the Linux section, Windows-specific tools (BitLocker) are mentioned without Linux equivalents, and some recommendations (e.g., auto-update, drive encryption) are detailed for Windows but lack Linux-specific guidance or examples. Additionally, some checks are described with more specificity for Windows than for Linux.
Recommendations
  • Remove or rephrase Windows-specific terms from the Linux section (e.g., 'Windows Server roles').
  • Add Linux equivalents for Windows-specific tools and features, such as recommending LUKS or dm-crypt for drive encryption.
  • Provide Linux-specific guidance for auto-updating security patches (e.g., using unattended-upgrades or dnf-automatic).
  • Ensure that recommendations for removing sensitive information reference Linux-specific files (e.g., /etc/hosts, .bash_history) alongside Windows equivalents.
  • Balance the level of detail between Windows and Linux sections, ensuring both have actionable, platform-specific examples.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/encryption-overview.md .../articles/security/fundamentals/encryption-overview.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
🔧 Windows Tools Windows First Missing Linux Example
Summary
The documentation page exhibits Windows bias primarily in the sections discussing SMB encryption, where only Windows versions and tools are mentioned (Windows Server 2012 R2, Windows 8/8.1/10), with no reference to Linux SMB clients or their encryption capabilities. The VPN sections mention SSTP, a protocol primarily supported by Windows, without discussing Linux-compatible alternatives or configuration steps. No Linux-specific examples, tools, or patterns are provided throughout the page, and Windows tools/protocols are mentioned exclusively or before any cross-platform equivalents.
Recommendations
  • Add references to Linux SMB clients (such as Samba) and document how SMB encryption can be enabled and used on Linux systems.
  • In VPN sections, mention and provide guidance for Linux-compatible VPN protocols (e.g., OpenVPN, strongSwan for IPsec/IKE) and include links to Linux configuration guides.
  • Where protocols or features are discussed (e.g., SSTP, SMB), clarify cross-platform support and provide parity in examples and instructions for both Windows and Linux environments.
  • Include sample commands, configuration steps, or code snippets for Linux (bash, CLI tools) alongside any Windows or PowerShell examples.
  • Review and update references to ensure that Linux tools and patterns are mentioned with equal prominence to Windows equivalents.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/hypervisor.md ...blob/main/articles/security/fundamentals/hypervisor.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation page exhibits a Windows bias by exclusively referencing Windows Hyper-V as the hypervisor technology, with no mention of Linux-based hypervisors (such as KVM or Xen) or Linux-specific security patterns. All technical descriptions, security objectives, and mitigation strategies are framed around Windows-centric tools and terminology. There are no examples or guidance for Linux environments, nor is there discussion of how Azure supports or secures Linux-based VMs at the hypervisor level.
Recommendations
  • Include references to Linux-based hypervisors (e.g., KVM, Xen) and explain how Azure secures Linux VMs at the hypervisor layer.
  • Provide examples or descriptions of security boundaries and mitigations as they apply to Linux guests, including any differences in implementation or assurance.
  • Mention Linux-specific security features or patterns (such as SELinux, AppArmor, or kernel hardening) where relevant to hypervisor security.
  • Clarify whether the described security objectives and mitigations apply equally to both Windows and Linux VMs, and highlight any platform-specific considerations.
  • Add links to documentation on securing Linux VMs in Azure, including integration with Azure RBAC, audit, and platform integrity mechanisms.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/data-encryption-best-practices.md ...ecurity/fundamentals/data-encryption-best-practices.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Missing Linux Example
Summary
The documentation demonstrates a Windows bias by referencing Windows-centric tools and patterns, such as Privileged Access Workstation (PAW), without mentioning Linux equivalents. The examples and recommendations for secure workstations and endpoint protection are focused on Microsoft technologies, with no guidance for Linux environments. There are no Linux-specific examples or alternative open-source tools provided for key management, workstation security, or endpoint protection.
Recommendations
  • Include Linux-specific guidance for secure management workstations, such as recommendations for hardened Linux desktops (e.g., Ubuntu LTS with security hardening, Qubes OS, etc.).
  • Mention open-source or cross-platform alternatives for endpoint protection and privileged access, such as SELinux, AppArmor, or sudo policies.
  • Provide parity in examples and instructions for key management and encryption, referencing Linux command-line tools (e.g., OpenSSL, GnuPG) and integration with Azure services from Linux environments.
  • Add explicit statements and links to documentation for securing Linux endpoints and managing privileged access on Linux systems.
  • Ensure that recommendations for VPN, SSL/TLS, and other network security controls include Linux configuration steps and tools (e.g., strongSwan, OpenVPN, iptables).
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/feature-availability.md ...articles/security/fundamentals/feature-availability.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Powershell Heavy 🔧 Windows Tools Windows First
Summary
The documentation page displays a moderate Windows bias, primarily through the exclusive use of PowerShell for administrative examples and references, and the prioritization of Windows-centric tools and terminology (e.g., Active Directory, Office, PowerShell). Linux-specific examples, tools, or administrative patterns are largely absent, and Windows/PowerShell approaches are mentioned first or exclusively in several sections, especially in Azure Information Protection and Azure Attestation. The only explicit Linux mention is for the Defender for IoT micro agent, which is brief and not accompanied by parity in administrative guidance.
Recommendations
  • Include Linux-specific administrative examples and tooling (e.g., Bash, CLI, configuration files) alongside PowerShell examples for all relevant features.
  • Reference cross-platform tools (Azure CLI, REST API) in all sections where PowerShell is mentioned, and provide usage examples for both Windows and Linux environments.
  • Highlight Linux compatibility and deployment patterns for features such as Azure Information Protection scanner, Defender for Cloud, and Azure Attestation.
  • Add documentation links and guidance for Linux system integration (e.g., integration with LDAP, Linux file servers, Linux-based automation) where only Windows/Active Directory is currently referenced.
  • Ensure that feature tables and configuration steps mention both Windows and Linux support, and clarify any platform-specific limitations or requirements.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/iaas.md ...-docs/blob/main/articles/security/fundamentals/iaas.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First Powershell Heavy 🔧 Windows Tools Missing Linux Example
Summary
The documentation page demonstrates a moderate Windows bias. Windows tools and terminology (such as PowerShell cmdlets, Windows Defender, WSUS, and Windows Update) are mentioned more frequently and often before Linux equivalents. Several examples and instructions (e.g., backup/snapshot, disk encryption, key management) use Windows-centric tools or PowerShell cmdlets, with Linux alternatives either missing or referenced only in passing. Some sections (e.g., monitoring/diagnostics) focus on Windows VM extensions without equal coverage for Linux. Linux-specific guidance is present but less detailed and often secondary.
Recommendations
  • Provide Linux-specific command-line examples (e.g., Bash/CLI) alongside PowerShell cmdlets for tasks such as disk encryption, backup, and key management.
  • Mention Linux tools and update mechanisms (e.g., apt, yum, unattended-upgrades) when discussing VM patching and updates, not just Windows Update/WSUS.
  • Expand coverage of Linux monitoring and diagnostics extensions, including configuration and usage examples.
  • List antimalware solutions popular in Linux environments (e.g., ClamAV, Sophos) and provide integration steps, not just Windows Defender and Microsoft Antimalware.
  • Ensure that instructions and examples for Azure features (e.g., snapshots, encryption, JIT access) include both Windows and Linux VM scenarios, with parity in detail and clarity.
  • When referencing Azure Resource Manager templates or automation, include Linux-specific deployment and configuration patterns.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/identity-management-overview.md .../security/fundamentals/identity-management-overview.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 3 bias types
Detected Bias Types
Windows First Missing Linux Example 🔧 Windows Tools
Summary
The documentation page demonstrates a Windows bias by referencing Windows-centric technologies (Active Directory, AD FS, Windows Hello for Business) and linking to Windows-specific concepts (security principals). There are no explicit Linux or cross-platform examples, and Windows tools and terminology are presented as the default or only option for identity management and device registration. Linux equivalents or guidance for non-Windows environments are missing throughout.
Recommendations
  • Include examples and guidance for Linux-based environments, such as integrating Azure identity management with Linux servers and applications.
  • Reference cross-platform authentication methods and device registration, such as using FIDO2 keys on Linux or configuring SSO for Linux-based web apps.
  • Provide links to documentation on managing identities and access for Linux and macOS devices, not just Windows domain-joined devices.
  • Mention open standards and tools (e.g., SSSD, Kerberos, LDAP) that are commonly used in Linux environments for identity management.
  • Ensure that terminology and examples do not assume a Windows-only infrastructure, and clarify support for heterogeneous environments.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/isolation-choices.md ...in/articles/security/fundamentals/isolation-choices.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
🔧 Windows Tools Windows First Powershell Heavy Missing Linux Example
Summary
The documentation page exhibits a moderate Windows bias. Windows-specific tools and terminology (e.g., Windows Firewall, Active Directory Federation Services, BitLocker) are mentioned exclusively or before their Linux equivalents. Examples and references to Windows technologies (such as Group Policy, Windows credentials, BitLocker) are more detailed and frequent, while Linux equivalents (e.g., dm-crypt, mdadm, LVM) are mentioned only briefly or as secondary options. There are no command-line examples for Linux (e.g., Bash, CLI), and the operational patterns described (such as privilege elevation and management) are rooted in Windows-centric approaches. References to PowerShell or Windows management tools are implicit in the management and access control sections, with no parity for Linux tools or workflows.
Recommendations
  • Provide Linux-specific examples and workflows alongside Windows ones, such as using Bash or Azure CLI for access control and diagnostics.
  • Mention Linux equivalents (e.g., iptables for firewalling, sudo for privilege elevation) explicitly and in parallel with Windows tools.
  • Ensure that references to management and security tools (e.g., Group Policy, BitLocker) are paired with Linux alternatives (e.g., SELinux, dm-crypt) and provide equal detail.
  • Include sample commands and configuration steps for both Windows and Linux environments when discussing isolation, access control, and encryption.
  • Avoid using Windows terminology as the default; present both Windows and Linux options together to improve cross-platform parity.
GitHub Create Pull Request
Security https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/security/fundamentals/management.md ...blob/main/articles/security/fundamentals/management.md
High Priority View Details →
Scanned: 2026-01-09 00:34
Reviewed by: LLM Analysis
Issues: 4 bias types
Detected Bias Types
Windows First 🔧 Windows Tools Powershell Heavy Missing Linux Example
Summary
The documentation page exhibits a strong Windows bias throughout. Windows-specific tools (AppLocker, Hyper-V, Group Policy, Windows Firewall, BitLocker, MMC, Windows Intune) are mentioned exclusively or before any cross-platform alternatives. Administrative examples and recommendations focus on Windows environments, with repeated references to Windows PowerShell for Azure management and no Linux or macOS equivalents. There is a lack of Linux-specific guidance, examples, or tool recommendations for hardening, remote management, or workstation configuration. The document assumes Active Directory and Windows-centric security patterns, omitting mention of Linux firewalls (iptables, nftables), SELinux/AppArmor, Linux VPN clients, or Linux-based management workflows.
Recommendations
  • Include Linux-specific examples for remote management, workstation hardening, and Azure administration (e.g., using Azure CLI on Linux, SSH-based workflows, Linux firewall configuration).
  • Mention Linux equivalents for Windows tools, such as AppArmor/SELinux for application control, iptables/nftables for firewall, and Linux disk encryption (LUKS) for BitLocker.
  • Provide guidance for managing Azure resources from Linux and macOS, including relevant command-line tools (Azure CLI, Terraform, Ansible) and security best practices.
  • Add sections or tables comparing Windows and Linux approaches to workstation hardening, remote access, and policy enforcement.
  • Reference cross-platform identity and authentication solutions, such as SSSD, LDAP, or PAM, alongside Active Directory.
  • Ensure that PowerShell examples are accompanied by Azure CLI or Bash alternatives for parity.
GitHub Create Pull Request
Previous Page 5 of 16 Next